OWASP Juice Shop やってみる
OWASP Juice Shopを試してみる
環境情報
- windows10
- virtual boxにamazonlinux2を入れる
- amazonlinux2にdockerを導入
環境構築
- Dockerで立てる
# docker pull bkimminich/juice-shop
# docker run --rm -p 3000:3000 bkimminich/juice-shop
> [email protected] start /juice-shop
> node app
info: All dependencies in ./package.json are satisfied (OK)
info: Detected Node.js version v12.18.2 (OK)
info: Detected OS linux (OK)
info: Detected CPU x64 (OK)
info: Required file index.html is present (OK)
info: Required file styles.css is present (OK)
info: Required file main-es2015.js is present (OK)
info: Required file tutorial-es2015.js is present (OK)
info: Required file polyfills-es2015.js is present (OK)
info: Required file runtime-es2015.js is present (OK)
info: Required file vendor-es2015.js is present (OK)
info: Required file main-es5.js is present (OK)
info: Required file tutorial-es5.js is present (OK)
info: Required file polyfills-es5.js is present (OK)
info: Required file runtime-es5.js is present (OK)
info: Required file vendor-es5.js is present (OK)
info: Configuration default validated (OK)
Wed, 12 Aug 2020 14:32:52 GMT helmet deprecated helmet.featurePolicy is deprecated (along with the HTTP header) and will be removed in helmet@4. You can use the `feature-policy` module instead. at server.js:151:16
info: Port 3000 is available (OK)
info: Server listening on port 3000
このままだとIPv6になってアクセスできなかった。
$ netstat -anp
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:35763 0.0.0.0:* LISTEN -
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN -
tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN -
tcp 0 0 10.0.2.15:22 10.0.2.2:61762 ESTABLISHED -
tcp 0 52 10.0.2.15:22 10.0.2.2:61802 ESTABLISHED -
tcp6 0 0 :::111 :::* LISTEN -
tcp6 0 0 :::22 :::* LISTEN -
tcp6 0 0 :::3000 :::* LISTEN -
この一番下のところ
vagrantのホスト名に対応するipv6アドレスをhostsに記載してみた
$ ifconfig
docker0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
inet 172.17.0.1 netmask 255.255.0.0 broadcast 172.17.255.255
ether 02:42:76:19:3c:54 txqueuelen 0 (Ethernet)
RX packets 0 bytes 0 (0.0 B)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 0 bytes 0 (0.0 B)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 10.0.2.15 netmask 255.255.255.0 broadcast 10.0.2.255
inet6 fe80::a00:27ff:feb7:52ac prefixlen 64 scopeid 0x20<link>
ether 08:00:27:b7:52:ac txqueuelen 1000 (Ethernet)
RX packets 3216 bytes 454832 (444.1 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 3321 bytes 315627 (308.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.33.170 netmask 255.255.255.0 broadcast 192.168.33.255
inet6 fe80::a00:27ff:fee3:c1a1 prefixlen 64 scopeid 0x20<link>
ether 08:00:27:e3:c1:a1 txqueuelen 1000 (Ethernet)
RX packets 99 bytes 9108 (8.8 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 24 bytes 1812 (1.7 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets 63 bytes 5800 (5.6 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 63 bytes 5800 (5.6 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
eth0
のinet6
に記載のfe80::a00:27ff:feb7:52ac
を使ってみる
-> ダメ
解決した方法
# sysctl net.ipv4.conf.all.forwarding
net.ipv4.conf.all.forwarding = 0
これを
# sysctl net.ipv4.conf.all.forwarding=1
net.ipv4.conf.all.forwarding = 1
Score Board
スコアボードを出してみる。スコアボードのURLを推測する
でた!!
ひとつづつ試してみる。(つづく)
Author And Source
この問題について(OWASP Juice Shop やってみる), 我々は、より多くの情報をここで見つけました https://qiita.com/takemo7d/items/1db99d5d63556462f749著者帰属:元の著者の情報は、元のURLに含まれています。著作権は原作者に属する。
Content is automatically searched and collected through network algorithms . If there is a violation . Please contact us . We will adjust (correct author information ,or delete content ) as soon as possible .